IN the age of a hyperconnected global economy, cyberspace not only opens up fundamentally new opportunities for futuristic developments but also brings in new challenges and risks, and represents one of the leading unconventional threats to global security.
For developing economies like Malaysia, digitalisation has been identified as a top priority and backbone of a high-tech economy, moving forward, especially set against the current global trend of the fourth (and now even the emerging fifth) industrial revolution of various sectors which perhaps the most familiar of which is e-commerce that uses e-payment as a medium of financial transactions.
The intensification of digital trends in Malaysia, including the one mentioned above, in terms of their mass appeal and usage, also exposes us to the dangers and heightened risks such as hacking.
In the early 2000s, the websites of Parliament and University Technology Mara (UiTM) were hacked and the contents of homepages appeared in a foreign language.
The scenario recurred in 2011 but on a broader scale when a group simply self-styled “Anonymous” threatened to expose confidential documents after successfully hacking into fifty-one government official websites. That served as a reminder of how fragile our national cyber security system had been (see, “Hackers disrupt 51 Malaysian government websites”, Reuters, 2011).
To enhance and consolidate national cyber security governance in Malaysia at the “macro”-level, the government established the National Cyber Security Agency (Nacsa) in February 2017 to coordinate the security of our Critical National Information Infrastructures (CNII).
At the “micro”-level, there’s e.g., the annual X-Maya/National Cyber Crisis Exercises jointly-organised by the National Security Council (NSC) and CyberSecurity Malaysia in collaboration with the private sector – and hence a public-private partnership (PPP) initiative – which aims at assessing the readiness of critical infrastructures against cyber-attacks to create a resilient digital environment against systemic cyber risks.
As a result, Malaysia has been successfully listed as one of the top ten countries with a high commitment to cybersecurity in the Global Cybersecurity Index 2020 report (see, “Saifuddin: Malaysia Ranked Among Top 10 Countries with Highest Commitment to Cybersecurity”, Ministry of Communications and Multimedia Malaysia/K-KOMM).
Despite the constant and repeated readiness exercises and stress tests, and also the upgrade to newer technologies or higher levels of technical/technological sophistications, the critical issue is whether or not we can still keep pace with the fast emerging and ever-rising new cyber-threats that seem to be constantly lurking “in the background”?
Since Covid-19, cybercrime has been up by 600% (as per the United Nations Office on Drugs and Crime/UNODC for Southeast Asia and the Pacific).
Global spending on cybersecurity is predicted to exceed USD1 trillion by now. According to Kaspersky, cyber-attacks grew from 32,500,000 globally in 2021 to almost 35,400,000 in 2022 (year to date).
One of the most rapidly evolving pernicious forms of cyber threats is ransomware – a type of malware that involves extortion whereby hackers prevent users from accessing data until a ransom is paid.
Ransomware is 60 times more destructive currently than it was in 2015 (as per cyber security firm, PurpleSec).
Furthermore, Norton has highlighted (from CheckPoint Software Technologies) how ransomware attacks increased by 102% in 2021 compared to the beginning of 2020, and “[show] no sign of slowing down”.
The modus operandi has even metamorphosed into Ransomware as a Service (RaaS) – where operators provide the infrastructure required to perform a ransomware attack (for “affiliates”) together with the payment portal (for victims) and also, as the case may be, the “customer service” (i.e., for overriding the ransomware concerned).
In Malaysia, more than 20,000 cybercrimes were reported in 2021 alone which involved losses of at least RM560 million. Between 2017 and 2021, the country suffered losses of about RM2.23 billion due to cybercrimes.
Along with that arises the critical question of the sufficiency and adequacy of the relevant laws in place.
The foiled cyber heist attempt on Bank Negara in 2018 which sought to facilitate unauthorised fund transfers using falsified Swift (Society for Worldwide Interbank Financial Telecommunication) messages sparked intense public outcry and nearly undermined confidence in the payments/settlements system.
The settlements system is crucial for the interbank movement and shifting/shuffling of the reserves, and the rise in the OPR (Overnight Policy Rate) could see Bank Negara intervene to manage liquidity on a more frequent basis to ensure that the target rate can be hit.
Furthermore, EPF bond holdings may come under increasing stress/pressure due to the double squeeze (as is akin to a double pincer movement in military parlance) from higher interest rates emanating domestically and overseas.
This in the local context of depleted EPF funds which might lower the local bid-to-cover auction ratio that in turn could further push up borrowing costs attractive to overseas investors but further depressing the ringgit with the sell-offs (as in outflows) in a “feedback” or “doom” loop, on the one hand.
On the other hand, the EPF might be “forced” to “cap” its allocation for bonds in favour of overseas investment to try reap higher returns amidst extreme volatility and uncertainty in the overseas markets suffering also from a self-inflicted energy crisis.
By the end of 2024, Malaysia is expected (on the optimistic side) to have 80% of densely populated areas covered by 5G networks (see, “5G Technology: Moving Industries by Leaps and Bounds”, Malaysian Investment Development Authority/MIDA). This raises concerns of potential escalation in ransomware, botnets and DDoS (Distributed Denial of Service) attacks, etc.
As the global race towards digitalisation becomes more acute, the need for cyber diplomacy will also become more vital since cyber threats (like any other global challenges) require multilateral and bilateral cooperation.
This explains the logic of state engagement in cyber diplomacy.
Cyber diplomacy is an instrument of statecraft that sovereign states use to achieve their national interest goals in cyberspace.
In the regional context, Malaysia has actively engaged in Asean-led mechanisms such as the Asean Regional Forum (ARF), Asean Network Security Action Council (Ansac), etc.
During the 5th ARF Open Ended Study Group (OESG) on Confidence Building Measures (CBMs) held in Kuala Lumpur in 2020, Russia presented a proposal to develop a lexicon of basic terms and definitions of ICT security in response to cyber incidents (which was also supported by China) – to define remedial action.
In response, the NSC via Nacsa hosted Cydes 2020 (first of its kind in the region) in June 2020 in Langkawi to discuss technological solutions to combat cyber threats by inviting ARF dialogue partners including US and Russia (see, Co-Chairs’ Minutes – 5th ARF OESG).
In continuity, Cydes 2021 placed importance on closer engagement and networking with other states and international entities as top agenda in ensuring a more secure cyberspace.
Outside of Asean and the ARF framework, the UK government has been assisting Malaysia over the past few years by sharing information through programmes like Cyber Talent (a collaboration between Asia Pacific University and MDEC/Malaysia Digital Economy Corporation) that aims to promote upskilling to address Malaysia's growing need for cybersecurity specialists.
Furthermore, Malaysia and the US also agreed to strengthen bilateral ties last year to expand digital collaboration, particularly in cyber security (see, “Malaysia, US to strengthen cooperation on cybersecurity, digital economy”, K-KOMM).
However, engaging with our traditional friends alone is not enough.
Hence, we must take full advantage of our country’s neutral stand by developing stronger collaborative ties with non-Western countries as well.
This is in line with the broader vision of a rules-based multilateral order in cyberspace, as clearly stated in the Asean Cybersecurity Cooperation Strategy (2021-2025).
This is why Prime Minister Ismail Sabri has stated that Asean can leverage Russia’s background, experience and expertise in digital technologies to help combat cybercrimes (see, “PM: Asean can leverage on Russia’s expertise to combat cybercrimes”, The Star, October 28, 2021).
The complexity and diversity of cyber-threats make collaboration with all parties a vital imperative.
Although the West has rhetorically accused Russia of “cyber-aggression", it needs to be re-stated that Malaysia’s foreign policy interests diverge significantly from the West and that we enjoy a cordial relationship with Russia.
Russia’s image in the eyes of many Malaysians is also not too unfavourable as compared to most countries in the Western hemisphere.
The US has never shared Russia’s International Information Security (IIS) approach which prioritises national sovereignty (“Global Cybersecurity at Stake Amid US and Russia's Disagreements”, September 7, 2021) – suspecting that the real motivation is the intention to legitimise the suppression of free cyber-domains.
It cannot be emphasised too strongly, however, that Russia is a global cyber power that cannot be ignored or sidelined.
Indeed, Russia plays a critical role in the international cyber order vis-à-vis the US and has contributed significantly to the advancement of the digital security agenda in the UN and BRICs (the major emerging countries) – providing a necessary counter-balance.
Russia has extensive networks in terms of cross-border cyber-security regulations and enforcement because of its linkages with former member-states of the USSR and it’s also been claimed that Russian organised crime has been financing local Malaysian hackers (see, “Cybercrimes in the Former Soviet Union and Central and Eastern Europe: current status and key drivers”, The Quest to Cyber Superiority, 2016).
Close ties and collaboration with Russia will help to enhance our knowledge, exposure and capabilities in combatting cybercrimes, especially when the origins are outside Malaysia.
In addition, the fifth pillar under the Malaysia Cyber Security Strategy (MCSS) 2020-2024 which underlines “strengthening global collaboration”, is pivotal and should be an enabler for cyber diplomacy with other non-Asean members like Russia.
The MCSS document clearly highlights a comprehensive framework of engagement with state actors bilaterally that may include knowledge sharing, transfer of information exchange, training policy dialogues, jointly organised programmes, and discussion on the harmonisation of legislation.
To this end, it is worth mentioning that we – as a middle power – aren’t seeking “co-dependence”, but rather "diversification of relationships" (which avoids “bandwagoning” and “hedging”) with all players, including Russia.
This is important because co-dependence (i.e., too much dependence) on a particular foreign country can be risky – again not least with cybersecurity implications.
Jason Loh and Hazriq Iqmal Abdul Aziz are part of the research team of EMIR Research, an independent think tank focused on strategic policy recommendations based on rigorous research.
** The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the position of Astro AWANI.
Astro Awani
Tue Oct 04 2022
Russia is a global cyber power that cannot be ignored or sidelined. - Freepik
Who is Prabowo Subianto, incoming president of Indonesia?
A wealthy ex-general with ties to Indonesia's popular outgoing president and its dictatorial past, looks set to be its next leader.
Iran's supreme leader says Hamas leader's death will not halt 'Axis of Resistance'
The "Axis of Resistance", built up with years of Iranian support, includes Hamas, the Lebanese Hezbollah group, the Houthi movement in Yemen, and various Shi'ite groups in Iraq and Syria.
Putin says Russia willing to seek compromises between Iran and Israel
Russia is ready to help seek compromises between arch-foes Israel and Iran, President Vladimir Putin said on Friday, saying these would be difficult but possible.
What proposals will Russia push at the BRICS summit?
The proposal is also to establish a BRICS reinsurance company to allow uninterrupted shipment of goods and key commodities between members.
Indonesia's free meals plan in the spotlight as Prabowo readies for office
Prabowo calls the programme one of the main drivers of economic growth, eventually set to add an estimated 2.5 million jobs.
Astro AWANI's revamped English news website, AWANI International, launches on Oct 21
Astro AWANI's revamped English platform delivers in-depth global news and expert analysis to keep you informed on key developments.
Israeli strikes kill 33 people in Jabalia refugee camp in Gaza, medics say
Residents of Jabalia said Israeli tanks had reached the heart of the camp after pushing through suburbs and residential districts.
Liam Payne's ex-partner calls for media restraint after 'painful' death
Cheryl Tweedy used her statement to urge the media to remember they had a seven-year-old son, Bear, who could read the reports.
Analysts: Indonesia's strong MoF leadership team to boost investor confidence
Sri Mulyani Indrawati as head of Indonesia's Ministry of Finance is expected to instil confidence among investors.
Biden offers both a carrot and a stick to Israel as his term nears an end
Israel has frequently resisted US advice and has caused political difficulties for the Biden administration.
Putin says BRICS will generate most of global economic growth
Russian President Vladimir Putin will host a summit of the group in the city of Kazan on Oct. 22-24.
ISIS Malaysia's perspective of Budget 2025
An excellent rakyat-centric budget under the overarching principle of a caring and humane economy.
Budget 2025: Record increase in STR, SARA aid initiatives
The government will provide a significant boost to the Sumbangan Tunai Rahmah (STR) and Sumbangan Asas Rahmah (SARA) initiatives next year.
Budget 2025: EPF contributions to be made mandatory for foreign workers – PM Anwar
The government plans to make it compulsory for all non-citizen workers to contribute to the Employees Provident Fund (EPF).
What policies to expect from Indonesia's new President Prabowo
Prabowo will be open to foreign investment, his aide has said, such as by offering investors management of airports and sea ports.
Budget 2025: Govt allocates RM470 mil to empower women's participation in PMKS
The Women's Leadership Apprenticeship Program will be intensified as an effort to produce more female corporate personalities.
Israel sends more troops into north Gaza, deepens raid
Residents of Jabalia in northern Gaza said Israeli tanks had reached the heart of the camp, using heavy air and ground fire.
Indonesia ramps up security ahead of Prabowo's inauguration
Prabowo Subianto will be sworn in as Indonesia's president on Sunday with Vice President-elect, Gibran Rakabuming Raka, also taking office.
Immediate allocation of RM150 mil for local authorities, DID to tackle flash floods
Datuk Seri Anwar Ibrahim said this allocation is intended to address the recent flash floods that hit the capital and several major towns.
Budget 2025: Sabah, Sarawak to continue receiving among highest allocations - PM
Sabah and Sarawak continues to be prioritised under Budget 2025, with allocations of RM6.7 billion and RM5.9 billion respectively.